<?php 

/**
 * Denylist-based clean-up of HTML markup, intended to reduce XSS risk.
 *
 * Runs a fixed, ordered list of regular-expression substitutions over $str:
 * whole element blocks (style, frame/iframe, script, noframes, object) are
 * removed together with their content, a set of individual tags is stripped,
 * a few keywords are re-cased, double-quoted style/class/id/face attributes
 * are dropped, and simple HTML comments are removed. Order matters: each
 * block rule runs before the rule that strips the matching lone tags.
 *
 * Security note: this is a pattern denylist, not an HTML parser and not an
 * allowlist sanitizer. Only the constructs named in the table below are
 * touched; anything else is returned unchanged. Do not treat the result as
 * safe to echo on its own. Where markup is not required, encode at output
 * time (htmlspecialchars() with ENT_QUOTES); where it is required, prefer an
 * allowlist-based HTML sanitizer.
 *
 * The result of each preg_replace() call is not checked, so a PCRE failure
 * (a null result) is not reported to the caller.
 *
 * @param string $str Markup to filter; handed to preg_replace() as the subject.
 * @return string|null The filtered markup as produced by the last preg_replace() call.
 */
function Delxss($str)
{
  // Ordered (pattern, replacement) pairs, applied strictly top to bottom.
  $rules = array(
    array("/<(style.*?)>(.*?)<(\/style.*?)>/si", ""),        // <style>...</style> blocks, content included
    array("/<(\/?html.*?)>/si", ""),                          // html tags
    array("/<(\/?head.*?)>/si", ""),                          // head tags
    array("/<(\/?meta.*?)>/si", ""),                          // meta tags
    array("/<(\/?style.*?)>/si", ""),                         // leftover style tags
    array("/<(\/?pre.*?)>/si", ""),                           // pre tags
    array("/<(\/?div.*?)>/si", ""),                           // div tags
    array("/<(i?frame.*?)>(.*?)<(\/i?frame.*?)>/si", ""),     // frame/iframe blocks, content included
    array("/<(\/?i?frame.*?)>/si", ""),                       // leftover frame/iframe tags
    array("/<(script.*?)>(.*?)<(\/script.*?)>/si", ""),       // script blocks, content included
    array("/<(\/?script.*?)>/si", ""),                        // leftover script tags
    array("/javascript/si", "Javascript"),                    // re-case the keyword "javascript"
    array("/vbscript/si", "Vbscript"),                        // re-case the keyword "vbscript"
    array("/on([a-z]+)\s*=/si", "On\\1="),                    // re-case on<name>= and drop whitespace before "="
    array("/<(\/?form.*?)>/si", ""),                          // form tags
    array("/cookie/si", "COOKIE"),                            // upper-case the keyword "cookie"
    array("/&#/si", "&＃"),                                    // swap "#" for a fullwidth "＃" in numeric character references
    array("/style=\"[^\"]+\"/i", ''),                         // double-quoted style attributes
    array("/class=\"[^\"]+\"/i", ''),                         // double-quoted class attributes
    array("/id=\"[^\"]+\"/i", ''),                            // double-quoted id attributes
    array("/face=\"[^\"]+\"/i", ''),                          // double-quoted face attributes
    array("/<(noframes.*?)>(.*?)<(\/noframes.*?)>/si", ""),   // noframes blocks, content included
    array("/<(\/?noframes.*?)>/si", ""),                      // leftover noframes tags
    array("/<!--[^\!\[]*?-->/i", ''),                         // HTML comments that contain neither "!" nor "["
    array("/<(object.*?)>(.*?)<(\/object.*?)>/si", ""),       // object blocks, content included
    array("/<(\/?objec.*?)>/si", ""),                         // leftover tags starting with "objec" (covers object)
    array("/<(\/?section.*?)>/si", ""),                       // section tags
    array("/<(\/?spanyes.*?)>/si", ""),                       // tags starting with "spanyes"
    array("/<(\/?o:p.*?)>/si", ""),                           // o:p tags
    array("/<(\/?w:.*?)>/si", ""),                            // w:* tags such as w:LatentStyles / w:LsdException
    array("/<(\/?\?xml.*?)>/si", ""),                         // ?xml declarations
    array("/<(\/?link.*?)>/si", ""),                          // link tags
  );

  foreach ($rules as $rule) {
    $str = preg_replace($rule[0], $rule[1], $str);
  }

  return $str;
}

/**
 * Formats an amount for display.
 *
 * Amounts of 10000 or more are divided by 10000 and returned as a string with
 * two decimals followed by the unit '万'. Anything else is passed to
 * FloatEnInt() and that function's result is returned as-is.
 *
 * @param int|float $money Amount to format.
 * @return string|int Abbreviated string for large amounts, otherwise the FloatEnInt() result.
 */
function FormatMoney($money){
    if($money >= 10000){
        // Express the amount in units of ten thousand, rounded to two decimals.
        $scaled = $money / 10000;
        return sprintf("%.2f", $scaled).'万';
    }

    return FloatEnInt($money);
 }

/**
 * Converts a value to an integer using PHP's integer conversion, which drops
 * any fractional part rather than rounding.
 *
 * @param mixed $nu Value to convert.
 * @return int The converted integer.
 */
function FloatEnInt($nu) {
  $whole = intval($nu);
  return $whole;
}

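/**
 * Heuristically decides whether the current request comes from a mobile client.
 *
 * A User-Agent containing "windows phone" always yields true; any other
 * User-Agent containing "windows" always yields false. Otherwise the request
 * counts as mobile when at least one of these signals is present:
 *  - the User-Agent matches the mobile keyword pattern,
 *  - the Accept header mentions application/vnd.wap.xhtml+xml,
 *  - an X-Wap-Profile or Profile header was sent,
 *  - $_SERVER['ALL_HTTP'] mentions "operamini",
 *  - the first four characters of the User-Agent are a known handset prefix.
 *
 * Every signal is a request header chosen by the client, so the result is a
 * presentation hint only and must not drive access-control or other security
 * decisions.
 *
 * Side effect: $_SERVER['ALL_HTTP'] is set to '' when it was not defined.
 *
 * @return bool true when the request looks mobile, false otherwise.
 */
function is_mobile_request() {
 // Kept from the original: make sure the ALL_HTTP entry always exists.
 $_SERVER['ALL_HTTP'] = isset($_SERVER['ALL_HTTP']) ? $_SERVER['ALL_HTTP'] : '';

 // User-Agent and Accept are optional headers. A missing one is treated as an
 // empty string so that header-less requests do not raise undefined-index
 // warnings or pass null to the string functions below.
 $user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? strtolower($_SERVER['HTTP_USER_AGENT']) : '';
 $accept = isset($_SERVER['HTTP_ACCEPT']) ? strtolower($_SERVER['HTTP_ACCEPT']) : '';
 $all_http = strtolower($_SERVER['ALL_HTTP']);

 // Windows Phone is the one Windows platform that counts as mobile; every
 // other Windows User-Agent overrides all remaining signals.
 if(strpos($user_agent, 'windows phone') !== false)
  return true;
 if(strpos($user_agent, 'windows') !== false)
  return false;

 if(preg_match('/(up.browser|up.link|mmp|symbian|smartphone|midp|wap|phone|iphone|ipad|ipod|android|xoom)/i', $user_agent))
  return true;
 if(strpos($accept, 'application/vnd.wap.xhtml+xml') !== false)
  return true;
 if(isset($_SERVER['HTTP_X_WAP_PROFILE']) || isset($_SERVER['HTTP_PROFILE']))
  return true;
 if(strpos($all_http, 'operamini') !== false)
  return true;

 // Known handset prefixes, compared against the first four User-Agent bytes.
 $mobile_agents = array(
    'w3c ','acs-','alav','alca','amoi','audi','avan','benq','bird','blac',
    'blaz','brew','cell','cldc','cmd-','dang','doco','eric','hipt','inno',
    'ipaq','java','jigs','kddi','keji','leno','lg-c','lg-d','lg-g','lge-',
    'maui','maxo','midp','mits','mmef','mobi','mot-','moto','mwbp','nec-',
    'newt','noki','oper','palm','pana','pant','phil','play','port','prox',
    'qwap','sage','sams','sany','sch-','sec-','send','seri','sgh-','shar',
    'sie-','siem','smal','smar','sony','sph-','symb','t-mo','teli','tim-',
    'tosh','tsm-','upg1','upsi','vk-v','voda','wap-','wapa','wapi','wapp',
    'wapr','webc','winw','xda','xda-'
    );
 return in_array(substr($user_agent, 0, 4), $mobile_agents, true);
}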